Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/XEZNzjaS8g2XuZF0WttBuvzbvkI.roa
File: XEZNzjaS8g2XuZF0WttBuvzbvkI.roa (raw, json)
Hash identifier: /t1ug+4rjzT/CIcaUrVvyefchvpdlKCsHpmyVqD/Vs8=
Subject key identifier: 5C:46:4D:CE:36:92:F2:0D:97:B9:91:74:5A:DB:41:BA:FC:DB:BE:42
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 018BEE775B9B92AD6B7284AA69D18BDC50DB
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/XEZNzjaS8g2XuZF0WttBuvzbvkI.roa
Signing time: Mon 20 Nov 2023 20:41:21 +0000
ROA not before: Mon 20 Nov 2023 20:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 159.197.224.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:77:5b:9b:92:ad:6b:72:84:aa:69:d1:8b:dc:50:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Nov 20 20:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c464dce3692f20d97b991745adb41bafcdbbe42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9b:11:2c:1e:1f:78:4c:ea:20:75:62:03:0e:
8b:47:4f:ad:ab:6b:e7:22:b4:aa:9d:17:b3:ff:89:
44:25:87:73:d7:e9:34:81:e7:48:17:d2:3e:2a:a8:
cb:6a:fb:8f:64:72:47:5e:4c:a7:d8:d0:1e:b4:a8:
26:00:3a:da:cf:22:26:3b:97:9c:e4:b8:2b:a2:0a:
c3:7f:e7:78:40:71:30:41:44:8f:d8:6c:5d:64:f1:
0f:8b:c4:24:59:ae:e4:ff:4a:32:c0:31:84:54:1e:
84:49:14:e7:0c:e6:21:97:13:f1:75:e8:05:42:26:
cc:7b:ed:79:01:3f:f3:ff:d6:ec:bd:73:fb:1b:4e:
81:d4:a1:97:48:ff:98:5f:52:08:7e:d4:b9:c4:b9:
9f:23:c0:85:24:f3:da:45:4b:49:28:2c:c5:de:8a:
94:52:ab:c9:da:b0:51:e1:08:b1:78:9b:0c:ea:fe:
1f:fe:eb:b7:48:e9:6c:92:3f:0b:5f:1d:1a:a2:96:
61:50:e2:a6:28:11:df:a2:01:ad:64:58:2b:91:b2:
9c:e5:f8:07:ce:e3:ca:47:7d:42:ed:45:9b:26:04:
f0:8e:05:32:55:84:be:5c:c0:af:34:78:80:02:0e:
13:80:26:1f:f8:bf:1e:fe:20:86:2c:76:74:e9:4e:
c2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:46:4D:CE:36:92:F2:0D:97:B9:91:74:5A:DB:41:BA:FC:DB:BE:42
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/XEZNzjaS8g2XuZF0WttBuvzbvkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.224.0/19
Signature Algorithm: sha256WithRSAEncryption
59:94:0e:89:88:e1:c4:56:6d:9c:f3:6b:40:22:02:90:f7:8e:
ed:dd:bf:61:e3:86:d6:4e:be:df:6e:f3:ea:1d:ac:a9:93:5d:
3c:02:f8:c1:02:f7:a8:17:a3:db:30:35:f2:d9:b9:0f:25:3f:
33:41:eb:4a:15:81:fc:de:dc:95:06:d2:43:a3:4a:4e:57:2b:
3f:43:b6:54:f9:de:a9:57:87:7a:e7:e8:5a:9e:2c:94:04:f4:
43:a4:6c:82:92:3a:a1:88:bb:79:b0:8d:9a:a2:ab:d9:e8:c1:
6a:c9:32:d0:c6:41:77:99:49:22:ab:6b:ef:d1:c5:1a:a7:3d:
8b:ec:44:63:4c:fe:ec:46:5b:d4:21:64:6a:7d:41:5b:8e:b7:
fc:38:cc:58:06:18:40:ad:0c:bb:59:1c:29:5b:de:11:61:7b:
d2:69:59:95:a9:36:3e:76:4c:f5:4b:47:23:1c:1f:9c:d5:e4:
64:83:26:e9:60:6c:86:1c:c4:32:89:c7:98:af:7e:8c:fe:48:
7d:08:71:1b:e0:30:ef:fa:82:a5:7f:f0:d5:0e:c1:4c:84:7f:
4c:52:0b:d8:ee:24:78:2b:e9:22:13:db:24:36:04:a5:93:fc:
d0:79:1e:bb:a4:72:e6:0a:71:f7:6e:6e:be:f9:87:08:e3:d7:
22:57:49:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvud1ubkq1rcoSqadGL3FDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjMxMTIwMjA0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQ2NGRjZTM2OTJmMjBkOTdiOTkxNzQ1YWRiNDFiYWZjZGJiZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpsRLB4feEzqIHViAw6LR0+tq2vn
IrSqnRez/4lEJYdz1+k0gedIF9I+KqjLavuPZHJHXkyn2NAetKgmADrazyImO5ec
5LgrogrDf+d4QHEwQUSP2GxdZPEPi8QkWa7k/0oywDGEVB6ESRTnDOYhlxPxdegF
QibMe+15AT/z/9bsvXP7G06B1KGXSP+YX1IIftS5xLmfI8CFJPPaRUtJKCzF3oqU
UqvJ2rBR4QixeJsM6v4f/uu3SOlskj8LXx0aopZhUOKmKBHfogGtZFgrkbKc5fgH
zuPKR31C7UWbJgTwjgUyVYS+XMCvNHiAAg4TgCYf+L8e/iCGLHZ06U7C6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxGTc42kvINl7mRdFrbQbr8275CMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvWEVaTnpqYVM4ZzJYdVpGMFd0dEJ1dnpidmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFn8XgMA0G
CSqGSIb3DQEBCwUAA4IBAQBZlA6JiOHEVm2c82tAIgKQ947t3b9h44bWTr7fbvPq
Haypk108AvjBAveoF6PbMDXy2bkPJT8zQetKFYH83tyVBtJDo0pOVys/Q7ZU+d6p
V4d65+haniyUBPRDpGyCkjqhiLt5sI2aoqvZ6MFqyTLQxkF3mUkiq2vv0cUapz2L
7ERjTP7sRlvUIWRqfUFbjrf8OMxYBhhArQy7WRwpW94RYXvSaVmVqTY+dkz1S0cj
HB+c1eRkgybpYGyGHMQyiceYr36M/kh9CHEb4DDv+oKlf/DVDsFMhH9MUgvY7iR4
K+kiE9skNgSlk/zQeR67pHLmCnH3bm6++YcI49ciV0kI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org